<?php
    $xtpl_billing   = new XTemplate("view/shopcart/billing.htm");
    
	if(isset($_POST['submit'])){
		$fullname = $_POST['fullname'];
		$email    = $_POST['email'];
		$address  = $_POST['address'];
		$phone    = $_POST['phone'];
		
        if(($_POST['fullname']!=NULL)&&($_POST['email']!=NULL)&&($_POST['address']!=NULL)&&($_POST['phone']!=NULL)){
            $sql      = "INSERT INTO customer(fullname, email, address, phone) VALUES ('$fullname', '$email', '$address', '$phone')";
    		$result       = mysql_query($sql);
    		$customerid   = mysql_insert_id();

            $sql        = "INSERT INTO orders(id_c, date, status) VALUES ('$customerid', '$today', '0')";
    		$result     = mysql_query($sql);
    		$orderid    = mysql_insert_id();
    		
    		$max  = count($_SESSION['cart']);
    		for($i = 0; $i < $max ; $i++){
    			$pid     = $_SESSION['cart'][$i]['productid'];
    			$q       = $_SESSION['cart'][$i]['qty'];
    			$cost    = get_cost($pid);
                $sql     = "INSERT INTO order_detail(id_o, id_p, number, cost) VALUES ('$orderid', '$pid', '$q', '$cost')";
    			$result  = mysql_query($sql);
    		}
    		$error = "Cảm ơn quý khách đã đặt mua hàng tại công ty chúng tôi";
        }
        else{
            $error = "Quý khách chưa điền đầy đủ thông tin";
        }
	}
    
    $total  = get_order_total();
    
    $xtpl_billing   -> assign('total', $total);
    $xtpl_billing   -> assign('error', $error);
    $xtpl_billing   -> parse("MID");
    $mid            = $xtpl_billing -> text("MID");
?>